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Figure 1 
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load/insert data into table with encrytion 
column(s) and owner(s) specified using 
extended SQL 



RDBMS generates working key Ks for encryption 
column and encrypts it using the column owner's 
public key. The encryption result is stored into the 
security catalog. 
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Data entries in the encryption column are encrypted 
using data encryption key Ks 



The ciphertext of the encryption column, toget her 
with the plaintext of the other column(s), if any, 
is written into disk 
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Figure 2 
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User issues query that involves encrypted column, 
together with the user's private key, using extended 
SQ L 
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The ownership of the user for the encrypted column 
is checked using the information in the security catalog 



^ownership check passed 
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The correctness of the private key is verified 
325 



330 




The private key is used to decrypt the encrypted 
data encryption key Ks in the security catalog 



X 



Key Ks is used to decrypt the encryption column 
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The query is processed as normal 
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Query answer is returned 
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4 END y 
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Query is denied 



Figure 3 



